package org.easy.alists;


import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.exceptions.ClientException;
import com.aliyuncs.http.MethodType;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.profile.IClientProfile;
import com.aliyuncs.sts.model.v20150401.AssumeRoleRequest;
import com.aliyuncs.sts.model.v20150401.AssumeRoleResponse;
import org.easy.alists.model.AssumeRoleResponseTemp;
import org.easy.alists.model.TempOssSts;


public class AliyunStsServiceImpl implements AliyunStsService {

    private String stsEndpoint;
    private String accessKeyId;
    private String accessKeySecret;
    private String roleArn;

    public AliyunStsServiceImpl(String stsEndpoint, String accessKeyId,
                                String accessKeySecret, String roleArn) {
        this.stsEndpoint = stsEndpoint;
        this.accessKeyId = accessKeyId;
        this.accessKeySecret = accessKeySecret;
        this.roleArn = roleArn;
    }

    //阿里云临时账号
    @Override
    public TempOssSts ossTempSts(String roleSessionName, Long expireTime, String bucketName, String endpoint, String regionId) {
        final AssumeRoleResponse response = getStsAssumeRoleResponse(roleSessionName, expireTime, bucketName, endpoint, regionId);
        TempOssSts tempOssSts = new TempOssSts();
        tempOssSts.setAccessKeyId(response.getCredentials().getAccessKeyId());
        tempOssSts.setAccessKeySecret(response.getCredentials().getAccessKeySecret());
        tempOssSts.setSecurityToken(response.getCredentials().getSecurityToken());
        tempOssSts.setExpiration(response.getCredentials().getExpiration());
        tempOssSts.setRegionId(regionId);
        tempOssSts.setEndpoint(endpoint);
        tempOssSts.setBucket(bucketName);
        return tempOssSts;
    }


    @Override
    public AssumeRoleResponse getStsAssumeRoleResponse(String roleSessionName, Long expireTime, String bucketName, String endpoint, String regionId) {
        if (expireTime == null) {
            expireTime = 3600L;
        }
        DefaultProfile.addEndpoint(regionId, "Sts", stsEndpoint);
        IClientProfile profile = DefaultProfile.getProfile(regionId, accessKeyId, accessKeySecret);
        DefaultAcsClient client = new DefaultAcsClient(profile);
        final AssumeRoleRequest request = new AssumeRoleRequest();
        request.setSysMethod(MethodType.POST);
        request.setRoleArn(roleArn);
        request.setRoleSessionName(roleSessionName);
        request.setDurationSeconds(expireTime); //设置临时访问凭证的有效时间为3600秒。
        try {
            return client.getAcsResponse(request);
        } catch (ClientException e) {
            e.printStackTrace();
        }
        return null;
    }

    @Override
    public AssumeRoleResponseTemp getStsAssumeRoleResponseTemp(String roleSessionName, Long expireTime, String bucketName, String endpoint, String regionId) {
        if (expireTime == null) {
            expireTime = 3600L;
        }
        DefaultProfile.addEndpoint(regionId, "Sts", stsEndpoint);
        IClientProfile profile = DefaultProfile.getProfile(regionId, accessKeyId, accessKeySecret);
        DefaultAcsClient client = new DefaultAcsClient(profile);
        final AssumeRoleRequest request = new AssumeRoleRequest();
        request.setSysMethod(MethodType.POST);
        request.setRoleArn(roleArn);
        request.setRoleSessionName(roleSessionName);
        request.setDurationSeconds(expireTime); //设置临时访问凭证的有效时间为3600秒。
        try {
            AssumeRoleResponse assumeRoleResponse = client.getAcsResponse(request);
            AssumeRoleResponseTemp assumeRoleResponseTemp = new AssumeRoleResponseTemp();
            assumeRoleResponseTemp.setAssumedRoleUser(assumeRoleResponse.getAssumedRoleUser());
            assumeRoleResponseTemp.setCredentials(assumeRoleResponse.getCredentials());
            assumeRoleResponseTemp.setRequestId(assumeRoleResponse.getRequestId());
            return assumeRoleResponseTemp;
        } catch (ClientException e) {
            e.printStackTrace();
        }
        return null;
    }

}
